CNS-Enabled Device Unable to Connect with CCE

Problem: A device is created in the Cisco Configuration Engine user interface but the device indicator displays a red status.

Possible Cause: The red status indicates that the device is unable to connect with Cisco Configuration Engine or it is still trying to connect. A connection delay might occur due to the device setting of the backoff timer. After the time has expired, the indicator does not turn to green, follow the steps given below.

Solution: To resolve this problem, follow these steps:

1. Make sure that the Event ID and Config ID match with what is defined on the device.

e.(Optional) To resolve hostnames, set up the DNS on the device by entering the following command:

ip name-server <ip address of DNS>

6. If the device status changes from green to red after Cisco Configuration Engine set up, follow the steps in “Device Status” section.

CNS-Enabled Device Configuration Update Failed

Problem: The Device configuration update fails.

Possible Cause: This problem can occur for one of the following reasons:

Invalid commands in the configuration template

Device is not online (RED)

Solution: To resolve this problem, follow these steps:

If the device appears RED (offline), go to Step 2 and 3 to make the device GREEN (online) before proceeding with step 1.

a. In the Cisco Configuration Engine host, start the event listener and enter the following commands:

cd $CISCO_CE_INSTALL_ROOT/CSCOcnsie/tools./cns-listen ?cisco.>?

Check the cfgsrv log file. This file is located at: /var/log/CNSCE/cfgsrv/cfgsrv.log.
In the device, use the debug cns all command to enable debugging. If debug messages displays the CNS_INVALID_CLI_CMD as shown below, the config template might contain invalid commands. Apply those commands one by one on the router to find which command failed and remove or fix them from the template.

a. Make sure that the Event ID and Config ID match with what is defined on the device.

b. Make sure that the object status for the device in Cisco Configuration Engine is green. Green indicates that the Cisco Configuration Engine and the device are connected.

c. To verify that TibGate is up and running, enter the following command:

/etc/rc.d/init.d/EvtGateway status/etc/rc.d/init.d/EvtGateway status

Note: If encryption is enabled, the TibGate ports begin with even numbers that begin from 11012. If encryption is not enabled, the TibGate ports begin with odd numbers that begin from 11011. Each TibGate port can support a maximum of 500 devices. You specify the number of the TibGates during the Cisco Configuration Engine set up program. Make sure that the number of devices on each TibGate port does not exceed the maximum.

For details, see the “Scalability Among Event Gateway Ports” chapter in the Cisco Configuration Engine Installation and Configuration Guide, 3.5.

d. If the authentication feature is enabled in the Cisco Configuration Engine, make sure that the device password (cns password <password string>) that is defined in the Cisco Configuration Engine user interface, matches with what is defined on the device. Otherwise, use the resync device command to reset the CNS password.

To use the resync command from the Cisco Configuration Engine user interface, do the following:

b. From the Groups list, choose the group that contains the device you want to resynchronize. Then click the icon for the device.

c. In the confirmation window, click Ok.

e. Make sure that the downloading configuration semantics and syntax for the device are correct.

f. If the device in the Cisco Configuration Engine was initially set as None, then deleted, and then re-created as an agent-enabled device, you must rename the Config ID and Event ID on both the device and the Cisco Configuration Engine user interface.

g. During the Cisco Configuration Engine set up, if a port other than the default port 80 is configured for HTTP, make sure that the same port number is also configured on the device.

3. Check the following on the device:

a. Make sure that the following Event ID string is defined:

cns id string <id string>
cns id string <id string> event

The default value of the <id string> is the hostname of the device. This ID must be the same as the Config ID defined in the Cisco Configuration Engine host.

b. To verify that the Cisco Configuration Engine hostname or IP address is specified to receive events, enter the following command:

cns event <configengine hostname or ip address> keepalive 30 10

Note: Make sure that the TibGate port of this device is correct. The TibGate port must match the port that is defined in the Cisco Configuration Engine.

c. If the authentication feature is enabled in the Cisco Configuration Engine, make sure that the device password (cns password <password string>) matches what is defined in the Cisco Configuration Engine user interface.

Note: You cannot see the password setting after you configure it on the router, nor can you edit the password in Cisco Configuration Engine. Therefore, you must reset the password. To reset the password, use the Resync Device feature in the Cisco Configuration Engine.

d. During the Cisco Configuration Engine set up, if a port other than the default port 80 is configured for HTTP, make sure that the same port number is also configured on the device. To configure the http port on the device, enter the following command:

cns config partial <CE hostname> <http port>

4. If you have tried all the preceding steps and the device configuration update still fails, enable the debugging tools.

In the Cisco Configuration Engine host, start the event listener by enter the following commands:

cd $CISCO_CE_INSTALL_ROOT/CSCOcnsie/tools./cns-listen “cisco.>”

Check the cfgsrv log file. This file is located at: /var/log/CNSCE/cfgsrv/cfgsrv.log.

In the device, use the debug cns config all command to enable debugging. Analyze the output to verify that the device is set up correctly with proper connectivity.

5. Re-run the scenario, check the event traffic and the information from the device, capture the data, and then contact the Cisco TAC for assistance.

Configuration Update Stuck in Queue After Data Migration

Problem: The configuration update is stuck in queue after data migration.

Possible Cause: This problem can occur if you did not enter the correct country code and company code information during the set up program.

Solution: After data migration from release 3.0 to 3.5, the OpenLDAP schema is transferred to a new host. To reuse the existing OpenLDAP schema for the new host, make sure that the country code and the company code information on the new host matches with what is defined on the old host. Follow these steps:

1. To reinitialize the system, enter the following command:

/opt/ConfigEngine/CSCOcnsie/reinitialize

2. To run data migration again, enter the following command:

/opt/ConfigEngine/CSCOcnsie/bin/datamigrate

3. To run the set up program again, enter the following command:

opt/ConfigEngine/CSCOcnsie/setup

Note: Make sure that you run the set up program in bash shell. If the shell is not in bash, press ctrl-c to exit. Configure your shell in bash, and then re-run the set up program.

4. When entering the set up parameters, make sure that the country code and the company code information for the new host matches with what is defined on the old host.

Note: The country code and the company code in the OpenLDAP schema are case sensitive.

For detailed information about the parameters in the set up program, see the Cisco Configuration Engine Administration Guide.

Configuration Update Stuck in Queue After Data Backup and Restore

Problem: The configuration update is stuck in the queue after data backup and restore.

Possible Cause: This problem can occur if you did not enter the correct country code and company code information during the set up program.

'Solution: When you back up data and restore it, the OpenLDAP schema is transferred to a new host. To re-use the existing OpenLDAP schema for the new host, make sure that the country code and the company code information on the new host matches with what is defined on the old host. Follow these steps:

1. To reinitialize the system, enter the following command:

/opt/ConfigEngine/CSCOcnsie/reinitialize

2. To run data restore again, enter the following command:

/opt/ConfigEngine/CSCOcnsie/bin/datarestore

3. To run the set up program again, enter the following command:

/opt/ConfigEngine/CSCOcnsie/setup

Note: Make sure that you run the set up program in bash shell. If the shell is not in bash, press ctrl-c to exit. Configure your shell in bash, and then re-run the set up program.

4. When entering the set up parameters, make sure that the country code and the company code information for the new host matches with what is defined on the old host.

Note: The country code and the company code in the OpenLDAP schema are case sensitive.

For detailed information about the parameters in the set up program, see the Cisco Configuration Engine Administration Guide.